Guest

Preview Tool

Cisco Bug: CSCvs32299 - 6821 attempts to establish TLS for SIP but fails to "unknown CA"

Last Modified

Jun 08, 2020

Products (1)

  • Cisco SIP IP Phone Software

Known Affected Releases

11.3(1)

Description (partial)

Symptom:
"We use GoDaddy SSL certificated and had an issue with them not being in the factory default trusted CA list for the 7800 and 8800 series models ? this was corrected in 11.2 firmware.  We have a similar issue with the 6821 on 11.2 but it is subtly different.  We can see the phone establish TLS to collect it's templates via HTTPS from cisco-dms.ntwine.xyz (packets 254-259), however when it subsequently attempts to establish TLS for SIP to our SBC on labsbc1.ntwine.xyz, it fails to ?unknown CA? (see packets 399 to 401).  We use the same CA for all certificates on the ntwine.xyz domain as can be seen in the detail of the packets (GoDaddy Secure Certificate Authority ? G2) so why is the 6821 accepting the CA for collecting its templates but rejecting the CA for TLS comms with the SBC?"

Conditions:
n/a
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.